package servlet.account.control;

import jakarta.servlet.http.*;

public class InfoCheck {
    public InfoCheck() {}
    public boolean checkCredentials( HttpServletRequest request ) {
        HttpSession session = request.getSession(false);
        Cookie[] cookies = request.getCookies();
        // 如果session和cookie都为空，则认为验证成功（初次登录）
        if (session == null && (cookies == null || cookies.length == 0)) {
            return false;
        }

        String sessionID = null;
        for (Cookie cookie : cookies) {
            if ("SESSIONID".equals(cookie.getName())) {
                sessionID = cookie.getValue();
                break;
            }
        }

        if (sessionID != null) {
            HttpSession retrievedSession = request.getSession(false);
            if (retrievedSession != null && sessionID.equals(retrievedSession.getId())) {
                return true;
            }
        }


        // 如果没有匹配的cookie或sessionToken为空，则验证失败
        return false;
    }
}